<?php
session_start();
if ($_SESSION['auth'] != true && $_SESSION['rule'] != "PROVIDER") {
	die('Not log in');
}
include("includes/provider_lib.php");

switch($_GET['action']){
case "add_item_before_attach":
	$itemId = addItem($_POST['channelid'],$_POST['title'],$_POST['link']
		,$_POST['description'],$_POST['guid'],$_SESSION['userdata']['username']);
	echo $itemId;
	//echo $_POST['title'].$_POST['description'];
	break;
case "add_item":
	addItem($_POST['channelid'],$_POST['title'],$_POST['link'],$_POST['description']
		,$_POST['guid'],$_SESSION['userdata']['username']);
	echo "Added";
	break;
case "edit_item":
	editItem($_POST['itemid'],$_POST['channelId'],$_POST['title'],$_POST['link']
		,$_POST['description'],$_POST['guid'],$_SESSION['userdata']['username']);
	echo "Edited";
	break;
case "remove_item":
	removeItem($_POST['itemid']);
	break;
case "upload_file":
	//old way:
	$allowedFileType = array('image/gif','image/jpeg','image/png','application/pdf'
		,'application/msword','application/vnd.ms-excel','text/plain'); 
	$uploadPath = './upload';
	$limitSize = 1024000;
	$inputname = 'fileAttach';
	
	$name = $HTTP_POST_FILES['fileAttach']['name'];
	$extPos = strrpos($name,'.');
	if($extPos > 0)$ext = substr($name,$extPos);
	$fileName = mktime().$ext;
	
	$fileId = uploadFile($_POST['itemid'],$inputname,$limitSize,$allowedFileType,$uploadPath.'/'.$fileName,$HTTP_POST_FILES); 
	//echo "provider_remove_file.php?fileid=$fileId";
	echo "<script type='text/javascript'>location.href = 'provider_remove_file.php?fileid=$fileId'; </script>";
	//header("Location","provider_remove_file.php?fileid=$fileId");
	break;
case "update_editable":
	$lastMo = lastModified();
	if($lastMo != $_SESSION['time_update_publisher'] 
			|| empty($_SESSION['time_update_publisher'])
			|| $_GET['init'] == "init"){
		$_SESSION['time_update_publisher'] = $lastMo;	  	
		$old = getAllNotPublish($_SESSION['userdata']['username']);
		if($old != ''){
			echo "<table width='100%'>";
			foreach($old as $e)
			{
				echo "<tr><td>";
				echo "<a href=\"#\" onclick=\"document.getElementById('main-right-box').src
						='provider_edit_item2.php?id=".$e['id']."'\">".$e['title']."</a>";
				echo "</td></tr><tr><td style='font-size:x-small'>";
				echo $e['pubdate'];
				echo "<br /></tr></td>";
			}
			echo "</table>";
		}
	}else{
		echo $NO_UPDATE;
	}
	break;
default:
	echo "error somehow. please contract helpdesk.";
	break;
}
?>